Difference between revisions of "Release 1.8"
From K5Wiki
(→Protocol evolution) |
(→Administrator experience) |
||
| Line 38: | Line 38: | ||
* More versatile [[Projects/Enctype_config_enhancements|crypto configuration]], to simplify migration away from DES |
* More versatile [[Projects/Enctype_config_enhancements|crypto configuration]], to simplify migration away from DES |
||
* [[Projects/Lockout|Lockout]] for repeated login failures |
* [[Projects/Lockout|Lockout]] for repeated login failures |
||
| − | * [[Projects/Trace logging|Trace logging]] for easier troubleshooting |
||
== Protocol evolution == |
== Protocol evolution == |
||
Revision as of 22:09, 30 December 2009
This is the preliminary proposed goal set for the krb5-1.8 release. Please provide comments on the krbdev list. This page organizes the goals by the "guiding principles" listed in the roadmap.
Contents
Timeline
This is only an approximate timeline.
- 2009-10-06 -- "halfway point" feature and integration test
- 2010-01-04 -- make release branch
- 2010-03-01 -- final release
Code quality
- Move toward test-driven development
- Increase conformance to coding style
- See Coding style/Transition strategies
- "The great reindent"
- Selective refactoring
Modularity
- Crypto modularity
- Move toward improved KDB interface
- Improved API for verifying and interrogating authorization data
Performance
- Investigate and remedy repeatedly-reported performance bottlenecks.
- Encryption performance
End-user experience
- Reduce DNS dependence
- Love's ccache auxiliary data proposal allows client library to track whether a KDC supports service principal referrals.
Administrator experience
- Disable DES by default (1.8)
- More versatile crypto configuration, to simplify migration away from DES
- Lockout for repeated login failures
